282 matches found
MiniCMS has multiple vulnerabilities
miniCMS a mini content management system designed for personal websites. MiniCMS has multiple vulnerabilities that can be exploited by attackers to obtain sensitive information on a website...
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...
CVE-2018-10424
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...
CVE-2018-10424
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...
Path traversal
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...
CVE-2018-10424
MiniCMS 1.10 is affected. The vulnerability is in mc-admin/post-edit.php where a modified id field allows full path disclosure. The root cause is a path disclosure issue that leads to information exposure. Exploitation details and mitigations are not provided in the supplied documents.
CVE-2018-10423
MiniCMS 1.10 is affected by CVE-2018-10423 due to mc-admin/post.php: after posting an article, a link enables remote attackers to obtain a directory listing of the web root. This is an information-disclosure flaw (top-level file listing) with impact described as partial confidentiality loss; no e...
CVE-2018-10424
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field...
MiniCMS Information Disclosure Vulnerability
MiniCMS is a mini content management system CMS designed for personal websites. A security vulnerability exists in the mc-admin/post-edit.php file in MiniCMS version 1.10. An attacker can exploit the vulnerability by changing the id field to obtain the full path...
MiniCMS Information Disclosure Vulnerability (CNVD-2018-08993)
MiniCMS is a mini content management system CMS designed for personal websites. An information disclosure vulnerability exists in the mc-admin/post.php file in MiniCMS version 1.10. A remote attacker can exploit this vulnerability to view all files located in the web root path...
Design/Logic Flaw
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter...
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter...
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter...
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter...
CVE-2018-10296
Technical details for CVE-2018-10296 are not publicly available in the provided documents. No concrete affected versions, root cause, or remediation are shown here. Monitor for updates in connected sources.
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php sitelink parameter...
Design/Logic Flaw
MiniCMS v1.10 has XSS via the mc-admin/conf.php sitelink parameter...
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php sitelink parameter...